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1. (Amended) 



A method of preventing undesirable activities of Executable Objects via 



an application, comprising denying to the same application, or one or more of its threads, 
access to a secured resource if said application, or one or more of its threads, has previously 
exhibited Internet behavior and has not met a specific condition for accessing said secured 
resource, and denying said application, or one or more of its threads, Internet behavior if, at a 
time access is sought to the Internet, said application, or one or more of its threads is 
accessing a secured resource. 

2. (Amended) A method according to claim 1, further comprising recording in a 



memory events representative of Internet behavior, keeping a record of all secured resources 
that are to be kept secured and when an application that has previously exhibited Internet 
behavior attempts to access one such secured resource, denying access to said secured 
resource, unless: 



a) 



At least a predetermined period of time has passed since a last 



Internet behavior; or 



b) 



Said application, or one or more of its threads, has performed at 



least a predetermined number of operations after exhibiting Internet 



behavior; or 



c) 



Another preset condition has been fulfilled. 
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3. (Amended) A method according to claim 2, wherein the preset condition comprises 
an exercise of control over execution of downloadables received during Internet behavior, to 
ensure that no unexecuted downloadable may access the secured resource. 

4. (Amended) A method according to claim 2, wherein the present condition comprises 
an analysis of downloadables to ascertain the downloadables are harmless. 

5. (Amended) A method according to claim 1 , wherein Internet behavior is denied by 
disabling a network connection creation. 

6. (Amended) A method according to claim 1, wherein Internet behavior is denied by 
disabling specific protocols. 

7. (Amended) A method according to claim 6, wherein the specific protocols comprise 
HTTP, FTP, SMTP, or like communication protocol. 

8. (Amended) A method according to claim 1, wherein Internet behavior is denied by 
disabling a transfer of executable objects in communication protocols. 

9. (Amended) A method according to claim 5, wherein access to trusted sites is not 
denied. 
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1 0. (Amended) A method according to claim 1 , wherein access to a secured resource is 
denied by disabling a thread using a specific system service that is used to access the secured 



resource. 



1 1 . (Amended) A method according to claim 1 , wherein all sub-threads of a thread that is 
denied access to a secured resource are also denied access to secured resources. 

12. (Amended) A method according to claim 1 , wherein all sub-threads of a thread that is 
denied Internet behavior are also denied Internet behavior. 

1 3 . (Amended) Apparatus for preventing undesirable activities of Executable Objects via 
an application, comprising a memory for storing a record of Internet behavior of a plurality of 
applications, and means for denying to an application access to a secured resource if the 
application has previously exhibited Internet behavior and has not met a specific condition for 
accessing said secured resource. 

14. (Amended) Apparatus for preventing undesirable activities of Executable Objects via 
an application, comprising a memory of storing a record of Internet behavior of a plurality of 
applications, and means for denying an application, or one or more of its threads, Internet 
behavior if, at a time access is sought, said application, or one or more of its threads, is 
accessing a secured resource. 
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15 . (Amended) A system for preventing undesirable activities of Executable Objects via 
an application, comprising a computer on which one or more applications are to run, said 
computer being connectable to the Internet or Intranet, or Extranet, said computer being 
provided with a memory for storing a record of Internet behavior of each of said plurality of 
applications, and means for denying to an application access to a secured resource if the 
application has previously exhibited Internet behavior and has not met a specific condition for 
accessing said secured resource. 



16. (Amended) A system for preventing undesirable activities of Executable Objects via 
an application, comprising a computer on which one or more applications are to run, said 
computer being connectable to the Internet or Intranet or Extranet, said computer being 
provided with a memory for storing a record of Internet behavior of each of said plurality of 
applications, and means for denying an application, or one or more of its threads, Internet 
behavior if, at a time Internet behavior is exhibited, said application, or one or more of its 
threads, is accessing a secured resource. 




1 8. (New) A method according to claim 2, wherein Internet behavior is denied by disabling 
a network connection creation. 



19. (New) A method according to claim 3, wherein Internet behavior is denied by disabling 
a network connection creation. 
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20. (New) A method according to claim 4, wherein Internet behavior is denied by disabUng a 
network connection creation. 

21 (New) A method according to claim 2, wherein Internet behavior is denied by disabling 
specific protocols. 

22. (New) A method according to claim 3, wherein Internet behavior is denied by disabling 
specific protocols. 

23. (New) A method according to claim 4, wherein Internet behavior is denied by disabling 
specific protocols. 

24. (New) A method according to claim 21 wherein the specific protocols comprise HTTP, 
FTP, SMTP, or like communication protocol. 

25. (New) A method according to claim 22, wherein the specific protocols comprise HTTP, 
FTP, SMTP, or like communication protocol. 

26. (New) A method according to claim 23, wherein the specific protocols comprise HTTP, 
FTP, SMTP, or like communication protocol. 
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27. (New) A method according to claim 2, wherein Internet behavior is denied by disabling a 
transfer of executable objects in communication protocols. 
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28. (New) A method according to claim 3, wherein Internet behavior is denied by disabling 
transfer of executable objects in communication protocols. 

29. (New) A method according to claim 4, wherein Intemet behavior is denied by disabling 
a transfer of executable objects in communication protocols. 

30. (New) A method according to claim 1, wherein access to trusted sites is not denied. 

31. (New) A method according to claim 2, wherein access to a secured resource is denied by 
disabling a tliread using a specific system service that is used to access the secured resource. 

32. (New) A method according to claim 3, wherein access to a secured resource is denied by 
disabling a thread using a specific system service that is used to access the secured resource. 



33. (New) A method according to claim 4, wherein access to a secured resource is denied by 
disabling a thread using a specific system service that is used to access the secured resource. 



